Overview

McAfee DLP Discover allows you to verify whether sensitive data may be at risk and identify its distributed location. From source code to trade secrets to strategic business plans, IP and other information assets are critical to your brand, public reputation, and competitive edge. Protecting data during transmission is critical, but securing sensitive data before it is inappropriately accessed or moved is a priority.

Determine what information to protect — You can configure McAfee DLP Discover to scan specific repositories and identify data for explicit protection.

Define policies for protection — DLP Discover provides intuitive and unified policy creation, reporting, and management to give you more control over your information protection strategy for data at rest.

Capture and analyze stored data — DLP Discover indexes all content found at rest in the network and allows you to query and mine this information to quickly understand your sensitive data, how it is used, who owns it, where it is stored, and to where it has proliferated.

Control sensitive information

Filter and control sensitive information with multivector classification. Inventory and index all content, and then query and analyze that data to better understand and manage it.

Identify the most exotic data

Classify data that does not fall into standard file categories. DLP Discover uses a technology called “Concepts” to describe where you can find data within a file. Once defined, it is easy to use Concepts anywhere within the system to find, categorize, and search for specific data items.

Review and remediate violations

Learn the origin of content violations, register and generate signatures, and send alert notifications to protect documents and the information within them more effectively. Integrated case management supports notification to content owners and system administrators using configurable messages.

Get powerful reporting

Customize summary and detail views of inventory logs and search results. You can create reports on demand or schedule for regular delivery. To get you started, the system comes with over 20 preconfigured, customizable reports.

Guarantee broad content compatibility

Get broad database support

Access support for the following databases: Oracle 8i and later; MySQL Enterprise 5.0 and 5.1; Microsoft SQL Server 7.0, up to 2008; and IBM DB2 5 thru 9.1.

Create advanced data analytics

Perform a granular investigation and historical inspection of information to detect risk of data exposure. Quickly identify sensitive information through an intuitive search interface, and determine who is sending data and where it is located.

Gain common repository support

Get support for the following repositories: Common Internet File System (CIFS), Server Message Block (SMB), Network File System (NFS), HTTP/HTTPS, FTP, Microsoft SharePoint, and EMC Documentum.

Register data instantly

Register data from any supported repository or database. You can use signatures from registered data to detect sensitive material in policies enforced across the network.

Develop powerful rule definitions

Create robust rules to define what data is scanned, including keywords, regular expressions, database tables, rows and columns, and unique McAfee Concepts. Document registration to rules, including network path scanning, on a configurable schedule, and easily discriminate between non-sensitive and sensitive information. You can also restrict rule and policy enforcement to specific scan operations.

System Requirements

McAfee DLP Monitor, McAfee DLP Discover, and McAfee DLP Prevent are now supported on the McAfee DLP 5500 appliance. The DLP 5500 appliance is an Intel-based platform with dual six core CPUs, 32 GB of RAM and over 10 TB of storage in a 2U form factor. DLP hardware appliance solutions are self-contained devices. There are no minimum software or hardware system requirements or additional database installations required.

Resources

Data Sheets

Reports

Most effective DLP solutions are implemented as a business process, rather than a “set and forget” technology. This latest Gartner report identifies some key challenges CISOs face and provides guidance on a business process approach to a successful DLP implementation.

Implementing and managing DLP isn’t nearly as difficult as many security professionals expect. Over the 10 plus years Securosis has covered the technology — talking with hundreds of DLP users — countless tips, tricks, and techniques have been collected for streamlined and effective deployments and have been compiled into straightforward processes in this report to ease most common pain points.

Together, Boldon James Classifier and McAfee Network Data Loss Prevention reduce the risk of data loss by applying the insight of each knowledge worker to data loss prevention decisions. Classifier captures the user’s knowledge of the business value of data in the form of visual and metadata markings applied to messages and documents.

Community

Blogs

No good comes of breaches. Accessing and publicly revealing information meant to be private is rarely appropriate, and sometimes it can be downright ugly. The latest incident to fall into this category? A recent breach of an online cheating site, affecting up to 37 million people. Here’s what you need to know. On Sunday night, […]

It should come as no surprise that your data is the most valuable commodity you have on the information superhighway. Your data is so valuable, in fact, that cybercriminals go to great lengths to steal it. But that doesn’t mean your data is always hard to get. Sometimes, when a company falls on hard times, […]

Watch any movie that involves computer security or hacking and someone will talk about the strength of the firewall or the protection of encryption. At one point in the history of the Internet, firewalls were thought of as not just essential, but the cure-all of threat woes. Likewise, encryption was seen as the silver bullet […]

In the Digital Age, email is second nature. It’s a commonly accepted method of communication, and a convenient one, at that. With convenience, however, comes danger – especially if you’re not even alerted to the bait! This email ‘bait’ I’m referring to comes in the form of phishing scams, which are becoming increasingly abundant as […]

Selling stolen data is an easy way for cybercriminals to make some quick money on cyber black markets. The following flowchart shows a generic credential-stealing campaign in action. In the last step, the flow is bidirectional. The malware makes a two-way authentication-free connection between the victim and the attacker. This two way connection not only […]